diamond-band.com
Issued by R3
About this certificate
This digital certificate with serial number 04:ba:7b:dc:12:5f:f3:19:ef:97:9b:53:c0:42:b2:14:a2:9b was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=diamond-band.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ba:7b:dc:12:5f:f3:19:ef:97:9b:53:c0:42:b2:14:a2:9bSerial Number (int): 411906301695811247621688217151780116800155
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0a:c0:82:54:1b:20:c5:bf:10:cf:a4:87:07:71:48:a8:73:61:31:f8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b5:30:4d:bb:2d:7c:ae:75:f1:83:40:a9:53:95:23:8a:8c:d6:88:62
Fingerprint (sha256): 62:5e:bf:99:c3:5b:4e:75:3d:7f:d6:12:84:08:9d:23:76:88:50:36:b4:b8:66:f4:a9:14:50:f8:e1:38:d3:02
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate diamond-band.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for diamond-band.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
diamond-band.com
Other certificates including the domain name diamond-band.com
(limited to 100 certificates)
brokerageinbound.com
www.pittsburghsportsmed.com
www.sportsmedicineboise.com
alternativephysicians.org
www.newyorkridesharing.com
internetsampling.com
obgynnegligence.com
terrafence.com
diamond-band.com
www.sportsdoctorssaltlake.com
www.lucky333.com
limonella.com
impalajudaica.com
www.rotomold-case.com
sportsmedicineboise.com
www.growgoodgarden.com
www.safepatientlifting.com
www.kwikshred.com
ripoffdoc.com
www.distractionfreezone.com
bugbite.org
recensera.com
www.diamond-band.com
www.pittsburghsportsmed.com
www.sportsmedicineboise.com
alternativephysicians.org
www.newyorkridesharing.com
internetsampling.com
obgynnegligence.com
terrafence.com
diamond-band.com
www.sportsdoctorssaltlake.com
www.lucky333.com
limonella.com
impalajudaica.com
www.rotomold-case.com
sportsmedicineboise.com
www.growgoodgarden.com
www.safepatientlifting.com
www.kwikshred.com
ripoffdoc.com
www.distractionfreezone.com
bugbite.org
recensera.com
www.diamond-band.com
Certificate
The complete raw certificate details for diamond-band.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgISBLp73BJf8xnvl5tTwEKyFKKbMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTYxNDQ0MTVaFw0yNDA0MTUxNDQ0MTRaMBsxGTAXBgNVBAMT EGRpYW1vbmQtYmFuZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQDI2geqMZ+vShFfp0/JKCvmaZtra84QugHbQHcB69w6h0E3T09bW5XAbwY3JMbi KCrh4xEHLARO2YyTojuatS2DOI8OspgKh/44weXXLd7AlUeE78Gi/x7TM7o6BA13 tUoW8oIHIVsAVMOK1QiiWhap7NiaYJKlob2CEXXwPp6rr/CKJN80SB9jhHYnxDxM Vyq5iNeJcnwB6iNQ+b197YVvC1VJuEIaX38Lxenrs36FUjPA28qgGCp7qoXQRYNZ KBVcazKHPOJPk9a+KfNDmaaOJ3LsUM4OwmoRf09wMAn9bhjbJ/Suw53hmwrcVgDy 2qDJag6hb9I7+eGQrIVuH3ZLeFUKosvCLvZkvE4IE6ISomp0pQctqjmI5XWGtvWr 6e7i2szslug94sAlxS6eFhUat7Pquo99DlTq3s0Dt7vuQDWM2BikqE5qqf7ORiWw amjN3X6Lo2KtJzz/WGDh2TU3DPfir2tLxZ2yiEOCoKBgreUbzzNOamxRwept5pu9 8MBCH9BA4ZPBwR7hVmOXo0f0NUtYIPCUfCwXJn1q5/06zJbAoHniOuQgFUptmD26 ZhYbmlU/nlze3nxGKi1+RIDTBEanwDXoEDWnSz29rDBBYGDl/0OwxeObeo+tw560 HXo5GofHkC9x766U173QfzVCCCYIKAIs/XAdweV2O6fFxQIDAQABo4ICEjCCAg4w DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQKwIJUGyDFvxDPpIcHcUioc2Ex+DAfBgNV HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0 cDovL3IzLmkubGVuY3Iub3JnLzAbBgNVHREEFDASghBkaWFtb25kLWJhbmQuY29t MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA O1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNEvHWfQAABAMASDBG AiEA8gNhhhnVVHiAgW7y9qB0NaUZIVvqXWIcbBCkuozbWwkCIQDlWVKLUwVSd02J m5iQJSxpu5QGJTv2MxMkgeVYUQUnjQB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze w1FIWUZxH7WbAAABjRLx1oIAAAQDAEYwRAIgOKgmyHL2F55GlMRPSTT+g7ozOMGo X698kuy4IbpjySUCIBdZYKqUSX+QU1rIbCFVizl/Hhm0N37BqS6pgsDAXYqeMA0G CSqGSIb3DQEBCwUAA4IBAQBHGYImKlCMK4ekeJYtHCVqAoVvVHh9baS9pU1jLiJJ ZZvCXfxpHnMGuytp2t3S7wG4RUEBZ2+GX9oO3U7VnNGsvNwA9O6e0B4R5yoUVT8P k/FGVXWQtJq+8ibe10QTs0QvmCxx+3NtvaonH0J44uTM8dcQoDM8Ljauu0kfnw4u VGWAIAv0eZdxCXYNl6qpRX1FsfFSsJ49RUOygfQBYM3yUXaGonvBvBPKnapR+etK V2qXY/fcc8PC4vnfB3WqqVCham8gEunHxm96lENpfTXOom4NjBrMQe0kHt7tPJIr mfY3rQDqcscoXuVu7dCKQ1j+fFzE07Q5uFbF2FgAi+2N -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyNoHqjGfr0oRX6dPySgr 5mmba2vOELoB20B3AevcOodBN09PW1uVwG8GNyTG4igq4eMRBywETtmMk6I7mrUt gziPDrKYCof+OMHl1y3ewJVHhO/Bov8e0zO6OgQNd7VKFvKCByFbAFTDitUIoloW qezYmmCSpaG9ghF18D6eq6/wiiTfNEgfY4R2J8Q8TFcquYjXiXJ8AeojUPm9fe2F bwtVSbhCGl9/C8Xp67N+hVIzwNvKoBgqe6qF0EWDWSgVXGsyhzziT5PWvinzQ5mm jidy7FDODsJqEX9PcDAJ/W4Y2yf0rsOd4ZsK3FYA8tqgyWoOoW/SO/nhkKyFbh92 S3hVCqLLwi72ZLxOCBOiEqJqdKUHLao5iOV1hrb1q+nu4trM7JboPeLAJcUunhYV Grez6rqPfQ5U6t7NA7e77kA1jNgYpKhOaqn+zkYlsGpozd1+i6NirSc8/1hg4dk1 Nwz34q9rS8WdsohDgqCgYK3lG88zTmpsUcHqbeabvfDAQh/QQOGTwcEe4VZjl6NH 9DVLWCDwlHwsFyZ9auf9OsyWwKB54jrkIBVKbZg9umYWG5pVP55c3t58RiotfkSA 0wRGp8A16BA1p0s9vawwQWBg5f9DsMXjm3qPrcOetB16ORqHx5Avce+ulNe90H81 QggmCCgCLP1wHcHldjunxcUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 411906301695811247621688217151780116800155 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-16 14:44:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-15 14:44:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'diamond-band.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 819403362644007743665136670370937481185118735714165764509450912233885804026363695957787060156519452699965727907570853706102581675187433470510515447480010068862307335208584838813594132911351962152435898683596838038593363104155541318226684715160086162209903509608722556136564332201277715278136364556789071940597012174083270231655151086727292275328507652168002857166967668571733228085593520158074488747657531276654139305543050190575363894608111758132389603878319101400339354519050862456078052341599913589415803459906212540673092291010447314523689214352207214685321009381006470485667424680375652618284230523592936968993828608086801121445098516789702613565969175724220439320615754719976483307598376680959371076056414374702558872490642239554402806345805513354849131527975767579791258064352459683150702178436013224318238431759535290828651815189776968750587750943477532760658319032662075298466622064836500731919138979191061756528750596233187581319698535081577381447069185217760029121762521482585570125980309489134343944694110839293752506179738219053360374785882637148092090338370857399473770283393618987209264909522356167846921655905037015043430005090255684764623724741848289355145409897018247870594828542019683690588798754616694053406229957 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0ac082541b20c5bf10cfa487077148a8736131f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamond-band.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d12f1d67d0000040300483046022100f203618619d5547880816ef2f6a07435a519215bea5d621c6c10a4ba8cdb5b09022100e559528b530552774d899b9890252c69bb9406253bf633132481e5585105278d007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d12f1d6820000040300463044022038a826c872f6179e4694c44f4934fe83ba3338c1a85faf7c92ecb821ba63c9250220175960aa94497f90535ac86c21558b397f1e19b4377ec1a92ea982c0c05d8a9e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00471982262a508c2b87a478962d1c256a02856f54787d6da4bda54d632e2249659bc25dfc691e7306bb2b69daddd2ef01b8454101676f865fda0edd4ed59cd1acbcdc00f4ee9ed01e11e72a14553f0f93f146557590b49abef226ded74413b3442f982c71fb736dbdaa271f4278e2e4ccf1d710a0333c2e36aebb491f9f0e2e546580200bf479977109760d97aaa9457d45b1f152b09e3d4543b281f40160cdf2517686a27bc1bc13ca9daa51f9eb4a576a9763f7dc73c3c2e2f9df0775aaa950a16a6f2012e9c7c66f7a9443697d35cea26e0d8c1acc41ed241edeed3c922b99f637ad00ea72c7285ee56eedd08a4358fe7c5cc4d3b439b856c5d858008bed8d